Rising smartphone adoption, skyrocketing data repositories and security gaps in virtual machines will be among the top cyber-security challenges for IT organizations in 2011, antivirus vendor Symantec predicts.

Many organizations might be too slow to avoid these threats until it’s too late, said Kevin Haley, director of product management for Symantec Security Response.

“Unfortunately as we see in the security business, once we have some big incidences, when there are serious losses, that’s a big motivator for people,” he said. “It’s unfortunate that it comes to that, but I would expect that when we see the first big newsworthy incident, that will motivate a lot of people to start looking at these issues and taking steps.”

Symantec predicts that hackers will target mobile devices more as they grow in popularity, speed and storage capability. Analyst firm IDC estimates that mobile device shipments will increase by 55 percent by the end of 2011.

“They’re little smart computers that you carry around with you, and there’s a tremendous convenience to that, and that’s never going to go away,” Haley said. “The flipside is it’s like a computer — except that it’s even easier to lose than a laptop when you’re out and about — and that’s probably one of the biggest concerns that people have today.”

The company also predicts that data retention will grow so much that organizations may have trouble securing and managing it. Storage costs could grow accordingly, and as mobile device adoption grows, so will the possibilities for data to be lost if the device is lost.

“I once had a conversation with somebody at a very large company, and he said, ‘I know that 30 percent of the data that my organization has is critical and very important. I just don’t know what 30 percent it is,’” Haley said.

Getting a firm handle on security in the virtualization space could be a third hurdle for organizations this year. Symantec predicts that decision-makers will inadvertently create more security holes in their zeal to expand their virtual environment. Security protocols might not be a priority for them when they’re so focused on increasing virtualization in order to reduce storage costs and increase computing capability.

“Those virtualized environments are kind of disposable and easily replaced — that’s true within the one context of getting a new one up and running — but it’s doesn’t mean that the data contained in them doesn’t need to be protected,” Haley said.

By day, Hilton Collins is a staff writer for Government Technology and Emergency Management magazines who covers sustainability, cybersecurity and disaster management issues. By night, he’s a sci-fi/fantasy fanatic, and if he had to choose between comic books, movies, TV shows and novels, he’d have a brain aneurysm. He can be reached at hcollins@govtech.com and on @hiltoncollins on Twitter.